from the impeccable-timing dept

The DOJ is one step closer to being allowed to remotely access computers anywhere in the world using a normal search warrant issued by a magistrate judge. The proposed amendments to Rule 41 remove jurisdiction limitations, which would allow the FBI to obtain a search warrant in, say, Virginia, and use it to "search" computers across the nation using Network Investigative Techniques (NITs).

This won't save evidence obtained in some high-profile cases linked to the FBI's two-week gig as child porn site administrators. Two judges have ruled that the warrants obtained in this investigation are void due to Rule 41(b) jurisdiction limitations. (Another has reached the same conclusion in an unrelated case in Kansas.) The amendments recently approved by the US Supreme Court would strip away the jurisdiction limitation, making FBI NIT use unchallengeable, at least on jurisdiction grounds.

Rule 41. Search and Seizure

(b) Venue for a Warrant Application. At the request of a federal law enforcement officer or an attorney for the government:

(6) a magistrate judge with authority in any district where activities related to a crime may have occurred has authority to issue a warrant to use remote access to search electronic storage media and to seize or copy electronically stored information located within or outside that district if:

(A) the district where the media or information is located has been concealed through technological means; or

(B) in an investigation of a violation of 18 U.S.C. § 1030(a)(5), the media are protected computers that have been damaged without authorization and are located in five or more districts.

The DOJ claims the updates are needed because suspects routinely anonymize their connections, making it difficult to determine where they're actually located. Opponents of the changes point out that this significantly broadens the power of magistrate judges, who would now be able to approve search warrants targeting any computer anywhere in the world.

“These amendments will have significant consequences for Americans’ privacy and the scope of the government’s powers to conduct remote surveillance and searches of electronic devices. I plan to introduce legislation to reverse these amendments shortly, and to request details on the opaque process for the authorization and use of hacking techniques by the government,” said Wyden.

“Under the proposed rules, the government would now be able to obtain a single warrant to access and search thousands or millions of computers at once; and the vast majority of the affected computers would belong to the victims, not the perpetrators, of a cybercrime. These are complex issues involving privacy, digital security and our Fourth Amendment rights, which require thoughtful debate and public vetting. Substantive policy changes like these are clearly a job for Congress, the American people and their elected representatives, not an obscure bureaucratic process.”

Worse, the amendments will be adopted if Congress does what it frequently does best: nothing. Congress actually needs to take action to block the amendments, but seeing as it only has until December 1, 2016, to do it, it seems highly unlikely that it will make the effort to do so -- not during an election year and certainly not during the annual struggle of approving a budget.

On the bright side, Ron Wyden is generally pretty good at mobilizing opposition, even when there appears to be little support for his efforts. We can also expect a variety of civil liberties groups and activists to start pushing Congress to "opt out" of the proposed changes.

Reader Comments

What the hell does the Supreme Court think it's doing? It sure as hell doesn't have the authority to do this! What makes it think it can give this authority to computers in other countries? Does it think because it's come from the USA that every other country MUST take notice and do what it says? Disgraceful attitude to have and I can see there being problems coming from the EU and other places if the US tries to exert its way!

How is this supposed to work?

Does this mean that US citizens have to use a computer that the FBI can hack? Surely even the FBI, as notoriously good hackers that they are, can't claim to have 0days for everything. What if I'm running a full-disk-encrypted Minix or something? A very customized Linux kernel, or OpenBSD?

I'll grant that less than 2% of the populace runs something other than Windows or Mac, but that's probably the 2% these FBI chaps are most interested in, eh?

Re: How is this supposed to work?

No, it does not impose any requirement for easy breaching. This is saying that if they can find any judge who can be convinced that hacking a computer is a good idea (on the government's say-so, and likely without any opportunity for a counterparty to argue against it), then they can try to hack their target without worrying about whether that judge has traditional jurisdiction over the target or its owner. The judge may not be able to issue a legally valid warrant to arrest the owner or search the owner's physical property, but this change means he/she can issue a warrant to break into the owner's digital assets and the citizen's only recourse is to try to be a hard enough target that the attack fails.

Re: Re: How is this supposed to work?

No, it does not impose any requirement for easy breaching.

How do we know this? And what happens to the first "San Bernardino iPhone" laptop that the FBI tries to hack? It'll be just like the damn SOPA and CIPA, or the "fashion copyright" idiocy - every session, a new congressperson will file a bill to mandate an Official US Citizen's Computer (a.k.a. Windows 11) to "facilitate law enforcement".

Turnabout however is /not/ fair play

Well, that's certainly going to be handy the next time a foreign government wants to hack into US systems, they just need to get a warrant or the legal equivalent from their courts and off they go. USG can't complain, after all if the FBI or other US agencies can hack foreign systems without issue then clearly foreign agencies can hack US systems in return, and unless the USG wants to look like a gigantic hypocrite again they'll have no grounds to complain so long as the hacker in question claims to be operating under legal authority.

So the computer seems to be in San Francisco but they discover afterwards that it's actually in Atlanta. If they call Atlanta and ask for a warrant to keep searching it's all clear, correct? Why do we need any changes? And if it's something international you can still get cooperation, especially if you find out it's from some VPN. Go to the country where their hq are located and ask for cooperation.

May not be as fast as they want but it can be feasible and it respects rights and privacy of everybody else while at it.

Re: FBI's credibility

I want to agree, but I feel bad because I can't. As near as I can tell, the FBI hasn't ever had that much credibility. Apparently J. Edgar Hoover used the FBI as his personal weapon against the US Congress from the very beginning.

It's often noted that Lyndon Johnson said, "Don't get caught sleeping with a live pig or a dead woman". Nobody ever says why ol' LBJ knew this, but I think we can all guess that the FBI caught him doing one or the other.

Even easier to plant evidence of a crime on a target they do not like, then claim the method used to discover it is secret evidence that would harm the national defense (the FBI's ability to frame people), and therefore cannot be allowed to be seen by the defense of the accused.

The problem: particularity

To me, this seems a reasonable change--mostly. The primary purpose of the existing rule 41 under discussion is to prevent venue shopping for warrants, not to prevent warrants entirely when the FBI has no idea where someone resides.

Where it falls down is "particularity"; with respect to the Fourth Amendment clause, "...particularly describing the place to be searched, and the persons or things to be seized."

As I see it, the problem isn't that a warrant was used to access a computer at an unknown location, the problem was that a single warrant was used to access every computer at every location.

Warrants under a new rule 41 should serve only for technical identification of a computer. Once a computer has been identified particularly, the FBI should have to obtain a specific warrant to search that computer particularly.

Suppose the government gained control of a drug distribution point, and decided to continue to ship drugs...along with a free tracker in every bag. A single NIT-equivalent warrant should be good for that, even though the government has no idea where the bags are going (could be going to another state).

But once a particular bag has been delivered to a particular warehouse, for example, the government should have to obtain a warrant particular to that warehouse.

Rule 41 did fall down, I just disagree as to the extent of the breakdown and the flaws of the proposed correction.